//  Copyright (c) Microsoft Corporation.  All Rights Reserved.

using System;
using System.Collections.Generic;
using System.Text;
using System.Collections.ObjectModel;

using System.IdentityModel.Tokens;

namespace EAI.SAML
{
    public class EAISamlSecurityToken : SecurityToken
    {
        EAISamlAssertion assertion;
        EAISamlEncryptedAssertion encAssertion;

        public EAISamlSecurityToken(EAISamlAssertion assertion)
        {
            this.assertion = assertion;
            this.assertion.MakeReadOnly();
        }

        public EAISamlSecurityToken(EAISamlEncryptedAssertion encAssertion)
        {
            this.encAssertion = encAssertion;
            this.encAssertion.Assertion.MakeReadOnly();
        }

        public EAISamlAssertion Assertion
        {
            get
            {
                if (this.assertion != null)
                    return this.assertion;
                else
                    return this.encAssertion.Assertion;
            }
        }

        public EAISamlEncryptedAssertion EncryptedAssertion
        {
            get
            {
                if (this.encAssertion != null)
                    return this.encAssertion;

                return null;
            }
        }

        public override bool CanCreateKeyIdentifierClause<T>()
        {
            if (typeof(T) == typeof(EAISamlAssertionKeyIdentifierClause))
                return true;

            return false;
        }

        public override T CreateKeyIdentifierClause<T>()
        {
            if (typeof(T) == typeof(EAISamlAssertionKeyIdentifierClause))
                return new EAISamlAssertionKeyIdentifierClause(this.Assertion.AssertionID) as T;

            throw new InvalidOperationException("Unable to create token reference.");
        }

        public override bool MatchesKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause)
        {
            EAISamlAssertionKeyIdentifierClause keyClause = keyIdentifierClause as EAISamlAssertionKeyIdentifierClause;
            if (keyClause != null)
                return keyClause.Matches(this.Assertion.AssertionID);

            return false;
        }


        public override string Id
        {
            get { return this.Assertion.AssertionID; }
        }

        public override ReadOnlyCollection<SecurityKey> SecurityKeys
        {
            get 
            {
                return this.Assertion.CryptoList;
            }
        }

        public override DateTime ValidFrom
        {
            get 
            {
                if (this.Assertion.Conditions != null)
                    return this.Assertion.Conditions.NotBefore;
                else
                    return DateTime.MinValue.ToUniversalTime();
            }
        }

        public override DateTime ValidTo
        {
            get 
            {
                if (this.Assertion.Conditions != null)
                    return this.Assertion.Conditions.NotOnOrAfter;
                else
                    return DateTime.MaxValue.ToUniversalTime();
            }
        }
    }
}
